Home Depot has confirmed that its payment processing system has been breached. Home Depot hasn’t released the scope of the breach, which it says is still being investigated. Analysts say it could be one of the largest breaches on record.
In a press release, the company confirmed the breach and states that it may have impacted “any customer that has used their payment card at our U.S. and Canadian stores, from April forward.” So far, there is no evidence that the breach affects customers who bought online at HomeDepot.com.
Home Depot stresses that any affected customers won’t be responsible for any fraudulent charges on their accounts. The company is also offering free identity protection services, including credit monitoring, to customers who shopped at a store from April 2014 on. Forbes.com writes that the company’s actions reflect “an attempt to help customers — and avoid some of the fallout that has plagued data-breach victim Target.”
The Target breach led to the theft of 40 million payment card numbers and 70 million customer records. The incident cost the company in lost profit and revenue; in addition, Target’s CEO and chief information officer both stepped down in the fall out.
Reuters is reporting that the Attorney General’s office in four states will lead an investigation into the breach. They are: Connecticut, California, and Illinois. New York and Iowa are also participating in the inquiry.
The breach was discovered early September by banks and law enforcement who suspected that Home Depots payment data systems may have been hacked. Home Depot has said that malware was used in the attack. The company’s IT security team is working with IT security firms, its banking partners and the Secret Service to investigate.
Home Depot operates 2,266 retail stores in all 50 states and is the world’s biggest home improvement store. Last year, it posted sales of $78.8 billion and earnings of $5.4 billion.
In addition to the Home Depot and Target data breaches, hackers have also hit Neiman Marcus, Supervalu Grocery, P.F. Chang’s restaurants and the thrift store operations of Goodwill.
NPR.com writes, “The retail breaches have rattled shoppers’ confidence at a time when privacy concerns are high. It’s also increased pressure on retailers to increase security so that customers can feel safe that their personal data is secure when they’re out shopping.”